Sunday, January 31, 2016

Members of the AnonSec hacking group have released more than 276GB of data after allegedly spending months inside NASA’s internal network.

The collection of files, provided to Infowars by AnonSec admin Dêfãult Vírüsa prior to being made public Sunday, include 631 videos from aircraft and weather radars, 2,143 flight logs as well as the names, email addresses and phone numbers of 2,414 NASA employees.
A “zine,” or self-published paper detailing the hack, dubbed “OpNasaDrones,” reveals everything from AnonSec’s motives to the specific technical vulnerabilities that enabled the extensive breach.
“NASA has been breached more times than most people can honestly remember… However, this hack into NASA wasn’t initially focused on drones [sic] data and upper atmosphere chemical samples. In fact the original breach into NASA systems wasn’t even planned, it was caught up in a gozi virus spread,” the hackers write, referring to an infamous Trojan that has infected more than 1 million computers to date.The Hack
After purchasing an “initial foothold” from a hacker with knowledge of NASA servers over two years ago, the group says it began testing how many machines it could “break into” and “root” – a term referring to an account with complete control over a computer or network.
Brute forcing an administrator’s SSH password, which reportedly only took “0.32” seconds due to the credentials being left as default, AnonSec gained further access inside – allowing them to grab even more login data with a hidden packet sniffer (tcpdump).
The hackers say while some members mapped the network, others analyzed the “different missions, airbases and aircraft” listed by the agency. Public missions like “OIB – Operation Ice Bridge” and drones such as the “Global Hawk“ were among those mentioned.
Deleting records of their presence as they hacked deeper into the agency’s system, AnonSec, who even hacked security cameras and uncovered the schematics to one base’s camera layout, then infiltrated the networks at “Glenn Research Center, Goddard Space Flight Center and Dryden Flight Research Center.”
Once inside, the group says it began noticing numerous systems and networked devices “popping up in scans that were not previously visible…”
After sniffing a password belonging to the system administrator, the hackers say they were eventually able to gain full root access to three network-attached storage (NAS) devices tasked with compiling backups of aircraft flight logs.
“Now we had all 3 NAS devices automatically making copies of the logs as they are uploaded from the drones and renaming them to look like semi ordinary index files,” the group writes, mocking the system administrator responsible for protecting the data.Hackers Attempt to Crash Drone into Pacific Ocean
As the information began flowing unsuspectingly to an AnonSec-controlled server outside of the NASA network, analysis of the data yielded what the hackers described as “weird traffic.”
According to the group, the traffic consisted of “pre-planned route option” files which allow NASA to upload specific flight paths prior to take off.
After protest from several hackers, the group says it decided to carry out a man-in-the-middle (MiTM) attack several months later that replaced the drone route file with one of their own in an attempt to crash the aircraft into the ocean.
“Several members were in disagreement on this because if it worked, we would be labeled terrorists for possibly crashing a $222.7 million US Drone… but we continued anyways lol,” the zine states.
A screenshot from the hackers shows their intended flight path, which they say was cut short after drone pilots on the ground likely noticed the aircraft’s unusual behavior, forcing NASA to restore manual control.
“This recreated flight is from our attempt to crash the GlobalHawk [sic] into the Pacific Ocean but seemed to have been taken off of the malicious pre-planned route and was controlled via SatCom [sic] by a pilot once GroundControl [sic] realized,” the hackers write.
Soon after the alleged drone episode, the group says it was completely shut out from NASA’s networks.
“Whether it was the high amount of traffic sending drone logs across their compromised network or the attempted crashing of a GlowbalHawk [sic] that caused them to FINALLY inspect their networks, we don’t know. But it went down for a while soon after.”
“When they came back up several days later, we had completely lost access.”
Despite NASA’s ability to boot the hackers by changing passwords and patching critical vulnerabilities, vast amounts of information had already been exfiltrated.
“People might find this lack of security surprising but its [sic] pretty standard from our experience,” the group says. “Once you get past the main lines of defense, its [sic] pretty much smooth sailing propagating through a network as long as you can maintain access.”Aircraft Footage & Flight Logs
The 631 videos siphoned out, filmed during 2012 and 2013, feature footage of weather radar readings as well as both manned and unmanned aircraft in multiple stages of flight.
One 59-minute video from May of 2012 shows one such drone taking off from a NASA runway before cutting out 30 minutes into its mission.
Other videos appear to be above large bodies of ice, likely related to the agency’s climate studies.
Flight logs which seem to coincide with some of the video files include the location of take off, aircraft model, mission name, sensor readings and GPS coordinates.
A screenshot showing a small portion of one log file, possibly from 2014, details the flight of a DC-8 involved in the public “Alternative-Fuel Effects on Contrails and Cruise EmiSSions” project.The Dox
After examining the list of 2,414 employee names, emails and phone numbers, Infowars was able to confirm the legitimacy of several entries.
Although no calls were answered, names mentioned on each answering machine matched those listed in the hack.
At the time of publishing, Infowars did not receive calls back from any employees on the list or representatives at the Glenn Research Center, Goddard Space Flight Center, Dryden Flight Research Center and the NASA Media Room.
Infowars briefly spoke to NASA’s IT Security Division but did not receive a call back for comment.
Infowars did not receive comment from the FBI after both calling and emailing the agency.Method Behind the Madness
AnonSec’s zine specifically cites climate engineering methods such as cloud seeding and geoengineering as the main driver behind the hack.
“One of the main purposes of the Operation was to bring awareness to the reality of Chemtrails/CloudSeeding/Geoengineering/WeatherModification, whatever you want to call it, they all represent the same thing. NASA even has several missions dedicated to studying Aerosols [sic] and their affects on the environment and weather, so we targeted their systems.”
Cloud seeding, a weather modification method that uses silver iodide to create precipitation in clouds, was most famously used by the U.S. military under “Operation Popeye” during the Vietnam war. After seeding clouds in the northern part of the country, U.S. forces were able to thwart Viet Cong supply lines by creating heavy rain over the Ho Chi Minh Trail.
Geoengineering, according to NASA’s Erik Conway, involves “injecting sulfate particles into the upper atmosphere – essentially mimicking a large volcanic eruption,” in an attempt to reflect sunlight away from the planet.
A poll conducted by the Independent in 2009, outlined in the article “Climate scientists: it’s time for ‘Plan B,'” states that more than 50 percent of climate scientists support looking into geoengineering.
“Just over half – 54 per cent – of the 80 international specialists in climate science who took part in our survey agreed that the situation is now so dire that we need a backup plan that involves the artificial manipulation of the global climate to counter the effects of man-made emissions of greenhouse gases.”
The hackers link to several mainstream reports and patents as evidence of current weather modification programs.
A 2013 article from Slate entitled, “Climate Intelligence Agency: The CIA is now funding research into manipulating the climate,” examines a 21-month, $630,000 project carried out by The National Academy of Sciences.
“The goal of the CIA-backed NAS study is to conduct a ‘technical evaluation of a limited number of proposed geoengineering techniques,’ according to the NAS website,” the article reads. “Scientists will attempt to determine which geoengineering techniques are feasible and try to evaluate the impacts and risks of each (including ‘national security concerns’).”
Another article from The Telegraph listed by the hackers mentions how “The Chinese government covered Beijing in snow… after meteorologists seeded clouds to bring winter weather to the capital in an effort to combat a lingering drought.”
The hackers argue that if cloud seeding, geoengineering and weather modification “are all publicly acknowledged as real, why are Chemtrails [sic] discredited when its [sic] literally the same exact thing just with a different name?”
“We find it staggering how many people still dont [sic] believe the federal government is doing this when its [sic] already public knowledge that the CIA is funding studies, certain states and countries already have WeatherModification [sic] programs in place for the past several years, not to mention all the government whistleblowers,” the zine says.
AnonSec’s Dêfãult Vírüsa, who spoke with Infowars over encrypted communications, stated that no one involved in the NASA breach has been apprehended by law enforcement.